Hi there,
I've done that by building a policy filter that bans those IPs using
iptables whenever those trap accounts get reached.
It wasn't that easy, but its beautiful how it's working.
Chain SPAMBLOCK (X references)
pkts bytes target prot opt in out source
destination
0 0 REJECT tcp -- * * 179.97.63.X
0.0.0.0/0 multiport dports 25,80,110,143,443,587,993,995
reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 138.59.146.X
0.0.0.0/0 multiport dports 25,80,110,143,443,587,993,995
reject-with icmp-port-unreachable
BR,
Rafael
Em sex, 24 de mai de 2019 às 13:35, @lbutlr <krem...@kreme.com> escreveu:
>
> I have an active email address that only receives spam (it is an address that
> wasn't used for years but I've recently reactive to see just how much spam an
> unprotected decades old account that hasn't accepted mail since 2006 would
> get).
>
> Anyway, what I would like to do is somehow blacklist any IP that sends mail
> to that address for some period of time, configurable by me but not
> necessarily dynamic. (That is, if I could specify 1 day or 3 hours for any
> match, that is fine).
>
> I suspect that postfix might be able to do this through some sort of
> helo_access check? I mean, I know managing the timeout would be outside of
> postfix, but I can figure that part out easily enough.
>
> Or should I look at expanding the log matching in fail2ban instead?
>
> Or something obvious and clearly better?
>
> --
> 'Never build a dungeon you wouldn't be happy to spend the night in
> yourself,' said the Patrician (...). 'The world would be a happier place
> if more people remembered that.' --Guards! Guards!
>
>
>
>
